A Legitimate Threat; How Internet Security Can Affect You
Eight years ago, Yahoo, Amazon, CNN, the FBI and many other organizations had their websites rendered unreachable as a result of a DDoS(Distributed Denial of Service) attack. The attack tied up routers for several hours with large-byte ICMP packet transfers. The attackers were unknown at the time, using Trojans to flood the servers and hence making them useless to the average user. The attack was blamed on fundamental flaws in the architecture of computer and router systems. This being one of the first major examples of a purposeful attack, it has become increasingly important that people take precaution and secure their system. Concurrently, computer security is a field which constantly requires more and more attention. With the advent of the Internet and other astonishing developments, attackers have taken advantage of flaws in computer architecture to be malicious and threaten systems that extend beyond technology and into the realm of everyday life due to the increasingly extended reach of the internet. Individuals should be aware of these issues and secure their computers in order to combat these threats.
Morris Worm (1990)
Originally intended to calculate the size of the internet, the Morris worm became a threat when an error in the program's code led to a worm which would continuously install itself to computers, each time slowing down the machine until the computer became unusable. At the time Robert Morris, the creator of the worm, was a student at Cornell. Causing up to $100 million in damages, Robert Morris was sentenced to three years of probation, 400 hours of community service, and a fine of $10,000. This was the first conviction of the computer fraud act although the worm was released to computer networks with the intention to gain knowledge.
Ethics
Morris did not intend to cause the damage that he did, but was still found guilty by the court of law. Some argue that because he did not intentionally do the damage, Morris did not deserve to be punished. Others argue that Morris was responsible for his own actions and that because he was careless and caused monetary harm to others, he is responsible for the damage that he may have caused. We want to know what you think.
Computer ethics is a topic which has existed for a very shirt period of time. As a result, many laws and regulations regarding computer usage are somewhat unclear, and laws which have been explicitly defined are not well known by the general public. Computer ethics can include:
Computer Crime
Privacy Issues
Intellectual Property
Business Ethics
Since the development of the internet many of these topics have become vague. Most would argue that the purposeful creation of a virus is in fact Computer Crime, however, the majority of computer viruses were not intentionally created for the purpose of causing harm. In addition, especially with websites such as Facebook.com, privacy has become an even more discussed topic. Currently, when adding a Facebook application, the creator of the application can view all of the information on the facebook users page, as well as the information on his friends pages. This is just one example of the privacy of individuals being violated, sometimes without the consent of the individual. In reality, computer ethics and lwas should be defined very clearly. Many laws are defined by region, but the internet is used on an international level. International laws should be made clear regarding internet usage.
Increasing Attacks
Attacks Are Becoming More Complex
As a result of the growing number of attacks and viruses being created, it is important that computers become more secure.
Computer Insecurities
Insecure Architecture
Insecure and unstable architecture can often allow hackers to access a systems back end. Although the average user may not be affected by insecure architecture, a problem could arise in the future. Example: Windows Vista has been accused of being insecure although it is advertised as Microsoft's most secure operating system.
Buffer Overflow
"A common cause of malfunctioning software. If the amount of data written into a buffer exceeds the size of the buffer, the additional data will be written into adjacent areas. These areas could be buffers, constants, flags or variables. Any aberrant behavior can result when control data, such as a binary flag, is altered erroneously (it only takes one bit!). Malicious hackers can exploit buffer overflows by appending executable instructions to the end of data and causing that code to be run after it has entered memory" Taken from the Computer Encyclopedia
Denial of Service Attacks
(DoS) and Distribute Denial of Service(DDoS) - Individuals can use this type of attack to gain access to unauthorized areas. however, most problems with DoS and DDoS have been resolved.
Protection from DDoS
Direct Access Attacks
Individuals who have gained access to your computer can install malicious software such as keyloggers. (As the name implies, keyloggers log what you type into your computer and can be used to steal vital information such as passwords.) This can be done from the computer's physical location, but has been achieved many times through network access.
Precautions Against Attacks
These are aspects of security that the average computer user can control.
Firewall
Most operating systems will come with a firewall. For someone who only uses his computer for word processing and surfing the web, there should never be a reason to disable a firewall.
Antivirus
Some antivirus should always be installed. It is very easy to get a virus when using the internet.
Note: You should never install more then one antivirus software. Antivirus programs will often edit key parts of your operating system. Installing a second antivirus program will cause system instability and may incapacitate your computer.
Password
Choosing a secure password is important. Many people use common phrases or even the word "password" as their password. The best password is an assortment of random characters, including letters and numerals.
Here are directions for creating a strong password: http://www.microsoft.com/protect/yourself/password/create.mspx
Finally, Windows operating systems experience more viruses than Mac OS or Unix/Linux OS. The Mac commercials do have some truth to them.
These videos are actually not an exaggeration though they use humor to make their point.
Table of Contents
A Legitimate Threat; How Internet Security Can Affect You
Eight years ago, Yahoo, Amazon, CNN, the FBI and many other organizations had their websites rendered unreachable as a result of a DDoS(Distributed Denial of Service) attack. The attack tied up routers for several hours with large-byte ICMP packet transfers. The attackers were unknown at the time, using Trojans to flood the servers and hence making them useless to the average user. The attack was blamed on fundamental flaws in the architecture of computer and router systems. This being one of the first major examples of a purposeful attack, it has become increasingly important that people take precaution andMorris Worm (1990)
Originally intended to calculate the size of the internet, the Morris worm became a threat when an error in the program's code led to a worm which would continuously install itself to computers, each time slowing down the machine until the computer became unusable. At the time Robert Morris, the creator of the worm, was a student at Cornell. Causing up to $100 million in damages, Robert Morris was sentenced to three years of probation, 400 hours of community service, and a fine of $10,000. This was the first conviction of the computer fraud act although the worm was released to computer networks with the intention to gain knowledge.Ethics
Morris did not intend to cause the damage that he did, but was still found guilty by the court of law. Some argue that because he did not intentionally do the damage, Morris did not deserve to be punished. Others argue that Morris was responsible for his own actions and that because he was careless and caused monetary harm to others, he is responsible for the damage that he may have caused. We want to know what you think.Computer ethics is a topic which has existed for a very shirt period of time. As a result, many laws and regulations regarding computer usage are somewhat unclear, and laws which have been explicitly defined are not well known by the general public. Computer ethics can include:
- Computer Crime
- Privacy Issues
- Intellectual Property
- Business Ethics
Since the development of the internet many of these topics have become vague. Most would argue that the purposeful creation of a virus is in fact Computer Crime, however, the majority of computer viruses were not intentionally created for the purpose of causing harm. In addition, especially with websites such as Facebook.com, privacy has become an even more discussed topic. Currently, when adding a Facebook application, the creator of the application can view all of the information on the facebook users page, as well as the information on his friends pages. This is just one example of the privacy of individuals being violated, sometimes without the consent of the individual. In reality, computer ethics and lwas should be defined very clearly. Many laws are defined by region, but the internet is used on an international level. International laws should be made clear regarding internet usage.Increasing Attacks
As a result of the growing number of attacks and viruses being created, it is important that computers become more secure.
Computer Insecurities
Insecure Architecture
Insecure and unstable architecture can often allow hackers to access a systems back end. Although the average user may not be affected by insecure architecture, a problem could arise in the future. Example: Windows Vista has been accused of being insecure although it is advertised as Microsoft's most secure operating system.Buffer Overflow
"A common cause of malfunctioning software. If the amount of data written into a buffer exceeds the size of the buffer, the additional data will be written into adjacent areas. These areas could be buffers, constants, flags or variables. Any aberrant behavior can result when control data, such as a binary flag, is altered erroneously (it only takes one bit!). Malicious hackers can exploit buffer overflows by appending executable instructions to the end of data and causing that code to be run after it has entered memory" Taken from the Computer EncyclopediaDenial of Service Attacks
(DoS) and Distribute Denial of Service(DDoS) - Individuals can use this type of attack to gain access to unauthorized areas. however, most problems with DoS and DDoS have been resolved.Direct Access Attacks
Individuals who have gained access to your computer can install malicious software such as keyloggers. (As the name implies, keyloggers log what you type into your computer and can be used to steal vital information such as passwords.) This can be done from the computer's physical location, but has been achieved many times through network access.Precautions Against Attacks
These are aspects of security that the average computer user can control.Firewall
Most operating systems will come with a firewall. For someone who only uses his computer for word processing and surfing the web, there should never be a reason to disable a firewall.Antivirus
Some antivirus should always be installed. It is very easy to get a virus when using the internet.
Note: You should never install more then one antivirus software. Antivirus programs will often edit key parts of your operating system. Installing a second antivirus program will cause system instability and may incapacitate your computer.Password
Choosing a secure password is important. Many people use common phrases or even the word "password" as their password. The best password is an assortment of random characters, including letters and numerals.Here are directions for creating a strong password: http://www.microsoft.com/protect/yourself/password/create.mspx
Finally, Windows operating systems experience more viruses than Mac OS or Unix/Linux OS. The Mac commercials do have some truth to them.
These videos are actually not an exaggeration though they use humor to make their point.
Sources:
http://snowplow.org/tom/worm/worm.html
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci557336,00.html
http://www.webopedia.com/
http://www.informationweek.com/news/internet/showArticle.jhtml?articleID=202400629